Properly referencing ISO standards

[JasnahKholin]

My company recently got a NC from a 3rd party audit due to the fact that we do not reference the year of the ISO standards we are certified to on our externally facing website as well as our internally facing documents. The auditor pointed to the bottom of this page on the ISO website ISO name and logo as the standard that needs to be followed.

The funny thing is, that we had previously had 3rd party consultants tell us that we should remove all of the dates from where we reference ISO standards to avoid issues when the standards are inevitably updated.

Has anyone else encountered something like this from auditors?

 

[Sidney Vianna]

This is as asinine and valueless as they come. The ISO website is NOT a valid source of requirements and the guidance there is not a valid criteria for an ISO 9001 audit. Appeal this idiotic finding.

 

[geoffairey]

My company recently got a NC from a 3rd party audit due to the fact that we do not reference the year of the ISO standards we are certified to on our externally facing website as well as our internally facing documents. The auditor pointed to the bottom of this page on the ISO website ISO name and logo as the standard that needs to be followed.

The funny thing is, that we had previously had 3rd party consultants tell us that we should remove all of the dates from where we reference ISO standards to avoid issues when the standards are inevitably updated.

Has anyone else encountered something like this from auditors?

I’d 100% challenge this as this with the Certification Body (CB) as it’s not a failure to comply with the standards in question (There’s no wording in ISO standards requiring this that I’m aware of)
Best practice would suggest that you include the year certified against, but again, that’s not a non conformity.
The only thing where I could see this, is if it’s a requirement of your contract with the CB, this is why many CBs provide graphics for your website. But again, this isn’t a non conformity.

 

[JasnahKholin]

We have reached out to ISO directly to get clarification on this as well, mostly because we do want to be sure everything externally facing is compliant, but no idea if they will even respond.

 

[PaulJSmith]

Wow. You might want to consider never using that third party auditor ever again.

 

[Sidney Vianna]

Wow. You might want to consider never using that third party auditor ever again.

They should consider asking for money back from the CB. If this is the type of nonconformity the auditor can come up with, they are really useless. I would love to see the NC statement, specially the reference to the requirement being violated. Asinine auditing.

 

[Funboi]

Depending on your home country, if you know the auditor’s credential #, I’d complain to them that the auditor is not competent per ISO 19011.

 

[Ron Rompen]

If that is the level that the auditor has to dig down to to find a 'nonconformance' then you are obviously doing an excellent job of maintaining your QMS.
With that being said, the auditor is (IMHO) completely wrong. I am not aware of ANY requirement to include a reference to the revision date of the standard ANYWHERE, much less on your website. I agree with the other recommendations made here to appeal this, and to contact your 3rd party and discuss further with them.

 

[Jim Wynne]

We have reached out to ISO directly to get clarification on this as well, mostly because we do want to be sure everything externally facing is compliant, but no idea if they will even respond.

Even if ISO says that you should follow their guidelines in this regard it doesn't mean that it's a legitimate audit NC. Ask the auditor where this is referenced in ISO 9001.

 

[Johnnymo62]

I read this paragraph from the ISO 9001:2015 standard as requiring a legal copy of a standard available. "Documented information of external origin determined by the organization to be necessary for the planning and operation of the quality management system shall be identified as appropriate, and be controlled.

Also, I think because ISO owns the legal rights to the names and logos, we are required to use them as specified by ISO.

Therefore, I think the finding is a legitimate issue. But I don't think it's worthy on an NC because of the OP's earlier guidance.

Personally, I would never leave the revision date in doubt anywhere it's called out.

But that's just me...